research

Pass

Audited by Gen Agent Trust Hub on Feb 18, 2026

Risk Level: SAFE
NO_CODE
Full Analysis
  • [NO_CODE] (SAFE): The skill consists entirely of YAML frontmatter and Markdown instructions. It does not include any executable scripts (.sh, .py, .js), binaries, or configuration files that invoke system commands.
  • [PROMPT_INJECTION] (SAFE): No patterns of prompt injection, such as 'ignore previous instructions' or safety filter bypasses, were detected. The instructions remain within the context of the 'Research Agent' role.
  • [DATA_EXFILTRATION] (SAFE): No hardcoded credentials, sensitive file paths (e.g., ~/.ssh, .env), or network-related commands (curl, wget) were found. The skill directs the agent to use local 'Glob' and 'Grep' tools, which are standard for code analysis.
  • [REMOTE_CODE_EXECUTION] (SAFE): There are no instructions for installing third-party packages or downloading/executing remote scripts.
  • [Indirect Prompt Injection] (SAFE): While the skill facilitates the reading of untrusted data (the codebase being analyzed), it does not contain dangerous interpolations or executable logic that would enable a pivot to high-risk actions. It is a standard analysis surface.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 18, 2026, 04:13 AM